Trellix Endpoint Security Reviews

In Trellix Endpoint Security, I use all modules, including firewall and web control, except for encryption.

There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future.

I have been using Trellix Endpoint Security for five years. My company is a customer of the solution.

It is a stable solution. If I consider using Trellix Endpoint Security right now, I won't find it a problem since it is a good product to use.

There are around 800 users of the solution in my company.

The solution's technical support is good. Whenever I open or raise a ticket with Trellix's support team, I get a response from their end.

I rate the technical support a nine out of ten.

Positive

The implementation part of the product is not difficult. From an implementation perspective, I find the product to be good enough.

For me, the product's deployment in all endpoints takes an hour, and it is a simple process. I don't know if the deployment process is still simple or not and whether improvements have been made to the solution.

I find Trellix Endpoint Security to be a good product. In Trellix Endpoint Security, it is not simple to understand the policies and rules, but it is good as an antivirus product. Trellix Endpoint Security is not easy to use, especially since the mechanism of communication is not very good.

I rate the overall product an eight out of ten.

We use this product for our endpoint security.

The most valuable features are:  

- reporting facility using the ePO console for conformity and threat identification  

- using the advanced threat protection (ATP) 

- MNE module for customising and securing Windows Bitlocker.

We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us. I don't think that the problem lies in the antivirus, but rather, it's the user. Users are not happy with the antivirus and they try to solve the issue on their own, and that causes very big problems.

The is an incompatibility problem between Mcafee and Linux subsystem for Windows, another that has to do with Outlook and scripts. McAfee knows that, but the problem can't be solved at this time so we try to minimize the effect.

We have been using McAfee Endpoint Security for ten years.

In terms of stability, we haven't had many problems.

We use that solution for more that 10k station and servers, and we have space to grow...

The support that we get from McAfee is excellent.

We tried Bitdefender, F-Secure, and many other products before settling on McAfee. When our central agency switched to McAfee, we all adopted it.

The price of this product is good.

One of our subsidiaries has tried to switch products, although I don't know the reason why. Ultimately, the project was aborted.

My advice for anybody who is looking at McAfee Endpoint Security is simply to use it.

I would rate this solution an eight out of ten.

I personally really like what the folks at Intel did when creating the Endpoint Protection Suites. Running the EASI.exe installer from the .zip file simplifies the build process for newer administrators and engineers by installing a base-system tree, basic policies, and streamlining the installation process. 

What most don't seem to grasp is that Endpoint Protection is a Suite Install Package. There are 6 different versions of Endpoint Protection, each coming with different applications installed. Primarily, I usually install the Endpoint Protection Advanced Suite (EPA) & Complete Endpoint Protection Suite (CEE). I recommend installing SQL either on the same box as ePO if you're managing under 5000 endpoints, or on a separate SQL server if higher, overusing the SQL Express that comes with the Installer. The primary reason is that if you use SQL Express, you do not have access to SQL Management Studio. Having access to the data tables and being able to clean up the space on the SQL server over time will be a must. The Complete Endpoint Suite has certainly simplified the build procedure.

I have been installing ePO and the separate modules for years. I am a bit biased on Intel Security products as it is how I make my living as a Subject Matter Expert .

There are a few things I wish the folks at Intel would fix. 

The primary for me is with the ePO Query creation. Queries in ePO are powerful tools as they can be used to create dashboards, server tasks, and be exported or rolled up to Senior Management. In older versions of ePO (4.0 & 4.5) the Queries, gave a wide range of data. With ePO 4.6, 5.0, 5.1 & 5.3 the data could be pulled from various installed products to get the data that you were looking for, with the current versions of ePO you can only pull the fields listed in the "Result Type/Feature Group" and it is very limited.

A good example...If i wanted to try and create one report that shows all Common Configuration Enumeration (CCE) data (this data comes from Policy Auditor) while also showing what software is installed from each system  (this data comes from Application Control) and adding in fields such as IPv4, FQDN, OS version, Domain...Simplified, if I could pull Hardware Asset, Software Asset, CCE Data, and Policy Auditor Scoring all on one report, it would make my life so much easier. 

Alas, this cannot be done with the current Query Building setup. The fields that are available are limited to each application installed and are only for that application.

I have found DLP to be a valuable feature.

When it comes to DLP or McAfee Security Encryption, with which I am happy, I like to make use of the solution for Vault, but find that the encryption is problematic. The system needs reforming. Suppose the solution is utilized on a laptop or desktop and the client wishes to make an assignment to another person but forgot his password. The data cannot be archived or backed up. 

I have been using McAfee Endpoint Security for the past five years.

The solution is reliable.

Previously, I used the solution for a single site consisting of nearly 300 users. However, as I found it to also be a good tool for DLP endpoint, I now use it for another client with nearly 700 users.

Counting from one to ten, this being the highest, I fully support the solution's technical services.

The initial setup is very simple, allowing a person to get the videos or documents on the internet. 

The deployment takes one to two days.

I do licensing on an annual basis and this is what I always recommend to my clients over the monthly option. This is because all my clients are long-term and do not wish to pay on a monthly basis, instead preferring licenses of, perhaps, three years with an additional one or two year option. 

I am using the latest version of the solution minus one. 

Some of our clients deploy the solution on-premises and others use clouds, such as AWS or IBM Cloud. I'm actually a service partner with IBM Cloud and the community manager with AWS Cloud.

We currently have two or three clients utilizing the solution and it can be said that it is a good product. 

The solution is really good and competitively priced, so someone wishing to secure his enterprise or make use of it in an inexpensive fashion should do so. 

I would rate it a seven out of ten. 

I work for a company that is a McAfee partner. We sell the solution, and we have engineers that implement the solutions. Basically, I am part of the technical staff that implements the solution on-premise.

We use endpoint security for our clients. We configure policies to scan the computer every single day in some cases and every week or even every moment. Basically, it protects the endpoint, and we have policies to do advanced threat protection.

Thanks to the implementation of this tool, we have managed to avoid massive virus infection, have visibility into console events and be able to implement action plans to contain threats.

Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful. We use the firewall to protect the client's network or even blocks and some kind of traffic that the computer received. The ATP model, I think, is one of the most important features because it can protect the computer when an application doesn't work as expected. It will alert and send messages to the ePO, and we can see everything.

The local technical support could be better. It would also help if the engineers can develop some automation features for the on-prem ePO. For example, in the on-prem ePO, you can store the endpoint using the IP address or using text, or using the default version. But in the MVISION ePO, you don't have that kind of feature. It's complicated to sort the endpoint because you have to do it manually.

I also think the detailed level of the detection could be better. In some cases, it's very complicated to figure out which file is the one that is actually impacted, depending on the dashboard you see. The dashboard is one of the most important things in the ePO because it's where you can see everything in a central location. But sometimes, you need to change from one view to another view to find what you're looking for.

I have been using McAfee Endpoint Security for about three years.

It's very stable. It works as expected, and I am very happy with this solution.

This is a very flexible product. It can be installed on a single physical or virtual server, or well installed on a windows cluster, and if you want to explore other modes it can also be implemented in the AWS cloud or as a SAAS.

In some cases, if the report comes from India or America, it's basically an open and shut case. But if the support comes from Latin America, you probably have to scale that problem to another area or another region. You need a person that has more experience with the product.

No. 

The initial setup can be both straightforward or complex. Some documentation on clients is very slow. Basically, we spent time implementing the ePO version because sometimes the database from the ePO is too big, and we need to do some things to the database to shrink the space, and it doesn't always work as expected. Sometimes, we have to follow one, two, or three steps to get the data and various scenarios to increase the number of steps because troubleshooting wasn't working.

If we implement MVISION, eventually, it would take around three hours because we have to install the software on the server. We have to do all the upgrades and implement some upgrades to the ePO software. Basically, it's three hours, but it can take five to six hours, depending on the data's size.

We implement this solution for our customers. If you are an engineer, and you have the experience, you can do it. If someone doesn't have experience with the OS, with Windows, or with the product, you might need specialized engineers.

For the issue of implementation costs, you require that the partner you use has qualified personnel to carry out this activity or you can use the professional services of McAfee, but these can be somewhat expensive.

Our clients ask us about other solutions like Cylance. I have one client that uses CrowdStrike. If you compare Cylance and McAfee Endpoint Security, the main difference is support. 

McAfee is excellent. You can ask any questions, and with a couple of clicks, you will find the answer to the issue. If you don't find it, you can open a support ticket. Sometimes, the McAfee solutions are very complex to configure. Just in some topics, but on the other hand, very simple to configure.

I recommend that the client needs to be aware of what McAfee can do for them. If the engineer can implement the solution, he'll just follow the book, and he's not going to get the best experience from the product.

To not impact the computer or the endpoint's performance, you need to finetune the policies. If the engineer doesn't have that kind of experience, you won't get the best out of the product. The client needs to get an engineer with a lot of performance tuning experience to get the most out of the product.

On a scale from one to ten, I would give McAfee Endpoint Security a nine.

The most valuable feature that I've found most useful is the availability of seamless AES 256 full-disk encryption.

I don't need to worry about the content of a laptop if it's lost or stolen. It provides better security of laptops when doing foreign travel.

I think encryption needs to move to an all hardware-based solution. Software encryption is less efficient than hardware-based. Intel purchased McAfee a few years ago, so this company is set up from the chipset point-of-view.

We've used it for six years.

Initially, we ran into issues running full-disk encryption and certain versions of disk defragmentation software. However, this has now been resolved.

There have been no issues with the stability.

We have had no issues scaling it for our needs.

9/10. I've found technical support to be very good and responsive.

We selected this endpoint protection solution due to its multi-platform support, not just Windows (e.g BitLocker). Other reasons were that it has enterprise key storage and recovery, which is very important to us.

It's fairly easy to get going. It's been around for a while now, and there are lots of use cases. You just just need to follow the best practice installation documentation.

We implemented it with the help of a McAfee vendor team.

Everything has a cost. During the initial product evaluation, price was considered but it was not a show stopper.

The central management console, ePO, is very useful. It incorporates file/folder encryption as well as encrypted thumb drive registration and policy management.

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

This product is mainly used for detecting viruses and malware on the laptops and also to scan older, existing files.  

The ability to check a wide range of vulnerabilities and devices is a very valuable feature in this product. This is not really a user interface or manually driven product. VirusScan gives an alert to the user that a scan should be performed on their device and the user has to click it to initiate the scan. Then McAfee scans the device and it gives a report saying that it has run a scan of the system and now everything is fine. It runs for the user rather than manual scanning.  

We are using it so the company is providing better security coverage end-to-end. I am not sure how to improve on that because it already achieves that goal and updates constantly.  

One thing I think it should do is alert administration if some attack is happening in local systems. I am not seeing that kind of alert. When users run a scan on their own system and nothing is found, that is fine. But ideally, VirusScan also has to send a notification of the source of an attack if one is detected.  

For example, if the threat came from opening an email attachment, an alert could be broadcast to warn other users on the system not to open the same attachment and McAfee could do that automatically. Something like that. Or at least it should make a report or alert for the administrator so that they can take the proper action.  

For the last six to eight years we have been using McAfee VirusScan Enterprise.  

The stability of the solution is fine, actually, and we are satisfied. It does not have a problem working with the 10,000+ users in our organization. It checks and updates everything every day and the stability is there.  

The scalability with McAfee is good. We currently have about 10,000 laptops which we are using it to secure. It is globally distributed and everybody uses the data scanning to ensure data security is a high priority.  

The people are using it with roles that range from the top to the bottom of the corporation. It is mandatory to use McAfee to ensure that we are in compliance with security regulations as well as preventing data loss on our local systems.  

We have plans to increase the usage of this product as the employee base and the number of devices increases.  

I did not have a chance to interact with the technical support team at McAfee because our local internal IT takes care of everything when it comes to the maintenance. Some issues that we have occur because the product is not upgrading locally for whatever reason. Our IT people will handle that type of minor support issue for us.  

As far as I know, before this company used McAfee VirusScan as a solution for these past six to seven years, there was not another endpoint security protection product in place.   

The initial setup is straightforward for the administration. The end-user should not have to do anything. There is an automatic trigger and it scans devices on the network along with their files and automatically generates a report. That is all there is to it. It is updated through the central station which tracks the upgrades and the devices that it scans.  

The implementation is kind of done in incremental steps because it is a cloud solution. It is just being pushed from the system to the central location. The agent runs on every laptop and we either manually click it when it issues a notice that it is time to scan the device, or it triggers by itself. It automatically runs these processes without intervention.  

As always, the cost of the licenses has to be paid and it will be per user per year. But the cost is minimal because we have taken a sort of deal with McAfee for a site license.  

I recommend McAfee VirusScan to everyone in an enterprise environment. Part of the reason is that nowadays everyone is working from home. Their systems and devices have to be secure when they are connecting externally to the internal network with whatever device they are using. They should have at least one security solution in their system so that they can avoid vulnerabilities that they may encounter outside of the secure internal network. VirusScan ensures that is happening.  

On a scale from one to ten where one is the worst and ten is the best, I would rate McAfee VirusScan Enterprise as a nine-out-of-ten. It is a very good solution and gives good blanket protection.